Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/mrg30Uqt8JxXRe-1XwYeR8c153M.roa
File: mrg30Uqt8JxXRe-1XwYeR8c153M.roa (raw, json)
Hash identifier: nKtfj9EXM8hVdd1ukkHJcTIAEWSpda8ZQcc1ftkFmWs=
Subject key identifier: 9A:B8:37:D1:4A:AD:F0:9C:57:45:EF:B5:5F:06:1E:47:C7:35:E7:73
Certificate issuer: /CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Certificate serial: 018D217F0F5B67BD76764AF84713E68DAD10
Authority key identifier: 5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/mrg30Uqt8JxXRe-1XwYeR8c153M.roa
Signing time: Fri 19 Jan 2024 11:33:11 +0000
ROA not before: Fri 19 Jan 2024 11:33:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29555
IP address blocks: 85.117.96.0/24 maxlen: 24
85.117.97.0/24 maxlen: 24
85.117.98.0/24 maxlen: 24
85.117.99.0/24 maxlen: 24
85.117.100.0/24 maxlen: 24
85.117.101.0/24 maxlen: 24
85.117.102.0/24 maxlen: 24
85.117.103.0/24 maxlen: 24
85.117.104.0/24 maxlen: 24
85.117.105.0/24 maxlen: 24
85.117.106.0/24 maxlen: 24
85.117.107.0/24 maxlen: 24
85.117.108.0/24 maxlen: 24
85.117.109.0/24 maxlen: 24
85.117.110.0/24 maxlen: 24
85.117.111.0/24 maxlen: 24
85.117.112.0/24 maxlen: 24
85.117.113.0/24 maxlen: 24
85.117.114.0/24 maxlen: 24
85.117.115.0/24 maxlen: 24
85.117.116.0/24 maxlen: 24
85.117.117.0/24 maxlen: 24
85.117.118.0/24 maxlen: 24
85.117.119.0/24 maxlen: 24
85.117.120.0/24 maxlen: 24
85.117.121.0/24 maxlen: 24
85.117.122.0/24 maxlen: 24
85.117.123.0/24 maxlen: 24
85.117.124.0/24 maxlen: 24
85.117.125.0/24 maxlen: 24
85.117.126.0/24 maxlen: 24
85.117.127.0/24 maxlen: 24
185.57.72.0/24 maxlen: 24
185.57.73.0/24 maxlen: 24
185.57.74.0/24 maxlen: 24
185.57.75.0/24 maxlen: 24
217.76.68.0/24 maxlen: 24
217.76.71.0/24 maxlen: 24
217.76.72.0/24 maxlen: 24
217.76.74.0/24 maxlen: 24
217.76.75.0/24 maxlen: 24
217.76.76.0/24 maxlen: 24
217.76.77.0/24 maxlen: 24
217.76.78.0/24 maxlen: 24
217.76.79.0/24 maxlen: 24
2a03:32c0:a::/48 maxlen: 48
2a03:32c0:b::/48 maxlen: 48
2a03:32c0:c::/48 maxlen: 48
2a03:32c0:d::/48 maxlen: 48
2a03:32c0:16::/48 maxlen: 48
2a03:32c0:17::/48 maxlen: 48
2a03:32c0:18::/48 maxlen: 48
2a03:32c0:300e::/48 maxlen: 48
2a03:32c0:300f::/48 maxlen: 48
2a03:32c0:3010::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 25 Jan 2024 15:47:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:21:7f:0f:5b:67:bd:76:76:4a:f8:47:13:e6:8d:ad:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Validity
Not Before: Jan 19 11:33:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ab837d14aadf09c5745efb55f061e47c735e773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:82:96:40:6f:03:4f:b5:19:48:09:db:f1:77:
66:41:d0:73:b0:d2:e2:80:58:31:b1:df:20:d5:ff:
e1:17:03:87:34:72:56:1d:62:10:51:6c:9a:c9:63:
f0:ee:05:43:a1:bd:ee:88:ce:5d:78:91:53:99:2b:
42:de:19:fe:df:b1:1d:2e:a8:d1:41:fc:cb:84:f4:
bf:6a:28:11:08:38:c7:45:b7:59:51:ef:83:0e:87:
42:62:91:25:a4:57:d8:99:1f:5f:67:85:fc:0b:cf:
70:e2:a0:d3:39:6b:33:cb:20:86:a7:ca:5f:e6:eb:
c3:6f:71:88:3d:9e:33:7a:8b:1d:94:6a:91:a8:bc:
b3:39:bc:a1:38:91:4c:19:ba:3d:62:34:8f:8b:83:
8e:bf:0d:a8:94:a1:d0:23:26:b2:a0:c0:be:71:39:
00:44:fe:46:26:1a:36:52:0f:36:66:40:5b:1e:a6:
f0:3c:d0:68:1e:13:0e:db:2b:1a:2a:33:54:20:15:
f3:27:64:e6:c4:af:1c:ef:15:a7:6b:42:a7:22:14:
0c:cb:d5:8b:54:dd:4f:b9:22:8a:0c:fd:78:3d:00:
da:02:82:d3:da:c2:55:50:be:b7:9d:1f:9b:c8:5e:
74:9d:1f:05:a2:76:6c:21:2e:30:34:86:41:65:d6:
b0:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:B8:37:D1:4A:AD:F0:9C:57:45:EF:B5:5F:06:1E:47:C7:35:E7:73
X509v3 Authority Key Identifier:
keyid:5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/mrg30Uqt8JxXRe-1XwYeR8c153M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.96.0/19
185.57.72.0/22
217.76.68.0/24
217.76.71.0-217.76.72.255
217.76.74.0-217.76.79.255
IPv6:
2a03:32c0:a::-2a03:32c0:d:ffff:ffff:ffff:ffff:ffff
2a03:32c0:16::-2a03:32c0:18:ffff:ffff:ffff:ffff:ffff
2a03:32c0:300e::-2a03:32c0:3010:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7f:21:a0:88:89:48:b3:0e:ea:c7:37:45:68:1b:e4:ed:40:6e:
07:70:58:73:b2:87:7c:19:ea:c0:e1:9f:6e:67:e2:f0:26:8e:
65:7f:d3:f9:49:77:ae:0c:46:2a:53:0a:fd:f6:33:a0:59:8f:
66:f3:bb:df:bb:14:b0:a1:8a:82:85:1f:ed:5c:4a:8c:96:f3:
90:3f:06:50:d7:4b:28:43:4c:35:5e:3f:e1:00:35:65:11:63:
6a:20:54:3d:eb:9a:d9:cc:e3:ba:71:c9:e0:c6:c8:47:54:bb:
13:7a:f9:d6:15:67:d0:28:b6:a9:08:20:01:bc:1f:e8:cf:77:
1c:84:2d:5a:11:65:2d:82:32:7a:24:9e:db:3c:e2:35:b4:cb:
6c:3c:f8:1c:76:de:8c:80:58:25:8f:52:85:90:b0:4f:67:05:
0d:75:76:5f:62:e7:66:58:4e:02:1e:df:b7:20:a3:26:d0:fc:
67:ec:26:b1:d4:6b:2f:0d:4b:2b:47:a9:59:df:ad:78:53:c9:
d4:37:87:ad:3a:64:b4:1f:f3:32:3b:68:4c:82:15:87:d7:1f:
c8:fc:99:9d:b4:8f:00:2a:16:bb:a7:77:c6:03:1e:42:2c:0b:
9e:2a:2e:90:33:bb:36:99:dd:82:a3:c7:26:46:f1:0e:d6:76:
59:51:97:8f
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAY0hfw9bZ712dkr4RxPmja0QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmJhMDczNWEwN2U0MGNhMzIwMjYyNzhiMjY3ODY3OGY4
YmFjZDkwHhcNMjQwMTE5MTEzMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWI4MzdkMTRhYWRmMDljNTc0NWVmYjU1ZjA2MWU0N2M3MzVlNzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIKWQG8DT7UZSAnb8XdmQdBzsNLi
gFgxsd8g1f/hFwOHNHJWHWIQUWyayWPw7gVDob3uiM5deJFTmStC3hn+37EdLqjR
QfzLhPS/aigRCDjHRbdZUe+DDodCYpElpFfYmR9fZ4X8C89w4qDTOWszyyCGp8pf
5uvDb3GIPZ4zeosdlGqRqLyzObyhOJFMGbo9YjSPi4OOvw2olKHQIyayoMC+cTkA
RP5GJho2Ug82ZkBbHqbwPNBoHhMO2ysaKjNUIBXzJ2TmxK8c7xWna0KnIhQMy9WL
VN1PuSKKDP14PQDaAoLT2sJVUL63nR+byF50nR8FonZsIS4wNIZBZdawswIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFJq4N9FKrfCcV0XvtV8GHkfHNedzMB8GA1UdIwQY
MBaAFF67oHNaB+QMoyAmJ4smeGePi6zZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAt
MzIxMmI2ODU4NGU5LzEvbXJnMzBVcXQ4SnhYUmUtMVh3WWVSOGMxNTNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAtMzIxMmI2ODU4NGU5
LzEvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowNAQCAAEwLgMEBVV1YAME
Ark5SAMEANlMRDAMAwQA2UxHAwQA2UxIMAwDBAHZTEoDBATZTEAwQgQCAAIwPDAS
AwcBKgMywAAKAwcBKgMywAAMMBIDBwEqAzLAABYDBwAqAzLAABgwEgMHASoDMsAw
DgMHACoDMsAwEDANBgkqhkiG9w0BAQsFAAOCAQEAfyGgiIlIsw7qxzdFaBvk7UBu
B3BYc7KHfBnqwOGfbmfi8CaOZX/T+Ul3rgxGKlMK/fYzoFmPZvO737sUsKGKgoUf
7VxKjJbzkD8GUNdLKENMNV4/4QA1ZRFjaiBUPeua2czjunHJ4MbIR1S7E3r51hVn
0Ci2qQggAbwf6M93HIQtWhFlLYIyeiSe2zziNbTLbDz4HHbejIBYJY9ShZCwT2cF
DXV2X2LnZlhOAh7ftyCjJtD8Z+wmsdRrLw1LK0epWd+teFPJ1DeHrTpktB/zMjto
TIIVh9cfyPyZnbSPACoWu6d3xgMeQiwLnioukDO7NpndgqPHJkbxDtZ2WVGXjw==
Generated at Thu Jan 25 18:43:19 2024 by rpki-client on console-ams.rpki-client.org